by MichaelDvorak

This check gives a summary of the state of Windows Defender or System Center Endpoint Protection. It shows the status of all Windows Defender services (if they are enabled or disabled), checks if all signatures are up to date and if the last QuickScan was OK. You can define the levels for signature age and the last QuickScan age via a rule called -> Defender Signature and QuickScan age. Make sure, that the PowerShell cmdlet Get-MpComputerStatus is working (for Windows Defender) and Get-MProtComputerStatus for System Center Endpoint Protection!

by MichaelDvorak

This plugin checks RD sessions on a Remote Desktop Session Host (RDSH). You can define some users usernames that must be online (e.g., system users for running specific scripts or executing specific tasks ....). You can find the regarding rule under Setup=>Service monitoring rules=>RDSH active user. In this rule, you can define the usernames of one or more users! If one of the users defined in this rule is offline, the check status will switch to critical. If no rule is specified, this check status will always be OK! The service contains also a perf-o-meter which shows the count of active and disconnected users. The count of active and disconnected users are also available via a service graph. Important: The Windows agent plugin needs the PowerShell module "PSTerminalServices" to be installed on the monitored machine -> see https://www.powershellgallery.com/packages/PSTerminalServices/1.0 Please adjust the path to the "PSTerminalServices" PowerShell module inside the Windows agent plugin!

by MichaelDvorak

This plugin checks if there were any threats detected by Windows Defender or System Center Endpoint Protection. If one or more threats are found, the service will enter a critical state and display the number of threats found, the filenames, the usernames, and the date and time when the threats were detected. You can acknowledge threats using a rule called "Defender acknowledged threats". Simply add some Detection IDs to this rule, and the threats related to these Detection IDs will no longer trigger alarms. The format of a Detection ID looks like 3F7AD35-C2F3-4C81-A7D7-4C67A1D10CC4. Automatic inventory is supported. Install the agent, and the rest will be done automatically. One service will be called "AV threats Defender" (for Windows Defender) or "AV threats SCEP". V1.0.1: fixed an issue in the windows agent plugin with english date/time formats V1.0.2: fixed an issue with white spaces in the user name

by MichaelDvorak

This plugin gets the count of emails in the mail queue of NoSpamProxy. You can define levels for warning and critical state. If the email count in the mail queue exceeds these levels, the service will enter a warning or critical state! You must configure a Windows user for script execution in C:\ProgramData\checkmk\agent\check_mk.user.yml: - pattern : '$CUSTOM_PLUGINS_PATH$\spit_nsp_mailq.ps1' user : '[username] [password]' run : yes The Windows user must have appropriate rights to use the PowerShell cmdlets of NoSpamProxy. So add the Windows user to the user group "NoSpamProxy Monitoring Administrators"! Automatic inventory is supported. Install the agent and one service called "NSP Mail Queue" will be created.

by MichaelDvorak

This plugin checks the expiration date of NoSpamProxy certificates used for M365 client identification (used for company servers) You can define levels for warning and critical state. If the expiration date of a certificate is fewer days far as defined in these levels then the service will switch to WARN or CRIT state. You must configure a Windows user for script execution in C:\ProgramData\checkmk\agent\check_mk.user.yml: - pattern : '$CUSTOM_PLUGINS_PATH$\spit_nsp_certificates.ps1' user : ' ' run : yes async : yes cache_age : 3600 The Windows user must have appropriate rights to use the PowerShell cmdlet of Get-NspCertificate. So add the Windows user to the user group "NoSpamProxy People and Identities Administrators"! It should also be sufficient to run the script every hour (3600 seconds)! inventory: Automatic inventory is supported. Install the agent and one service called "NSP certificates" will be created.